feat(provider): add Coder SSH-lease provider by coygeek · Pull Request #271 · openclaw/crabbox

coygeek · 2026-06-12T00:25:27Z

Summary

Adds a direct Coder Linux SSH-lease provider backed by the local coder CLI.

Registers provider: coder as a direct SSH-lease backend with cleanup support.
Keeps Coder auth in the native Coder CLI login store; Crabbox does not store Coder API tokens.
Creates, starts, stops, and optionally deletes Crabbox-claimed Coder workspaces with conservative stop-first defaults.
Runs normal Crabbox sync/command/SSH flows through coder ssh --stdio proxy mode.
Hardens workspace ownership, local-claim metadata, release intent, owner-qualified workspace resolution, known-hosts isolation, failed-acquire rollback, and cleanup safety.
Adds provider docs, command docs, config/flags/env handling, registration, tests, generated provider metadata, and shared live-smoke wiring.

Verification

Local validation on current head a9d8eecbe929e446e641913a28c73c04f0c3e883:

bash -n scripts/live-smoke.sh
node --test scripts/live-smoke.test.js
node scripts/check-docs-links.mjs
node scripts/check-command-docs.mjs
go test ./internal/providers/coder ./internal/providers/all ./internal/cli ./cmd/crabbox
git diff --check

Public CI is green on current head: https://github.com/openclaw/crabbox/actions/runs/28097206830

Remaining Merge Gate

Do not merge yet while status: 📣 needs proof and merge-risk: 🚨 compatibility remain. This still needs redacted authenticated Coder proof against a disposable template:

CRABBOX_LIVE=1 CRABBOX_LIVE_PROVIDERS=coder CRABBOX_LIVE_COORDINATOR=0 \
  CRABBOX_LIVE_CODER_TEMPLATE=<template> \
  CRABBOX_LIVE_REPO=<repo> scripts/live-smoke.sh

Required proof should show doctor, cleanup --dry-run, stop-by-default warmup, status --wait, inspect, SSH command rendering, a synced command, history/log capture, stop, stopped-workspace status, delete-on-release warmup/run/stop, list, and final dry-run cleanup. Maintainers also need to accept the built-in Coder lifecycle contract before merge.

clawsweeper · 2026-06-12T00:56:59Z

Codex review: needs real behavior proof before merge. Reviewed June 24, 2026, 9:08 AM ET / 13:08 UTC.

Summary
The branch adds a direct Linux Coder SSH-lease provider backed by the local coder CLI, with config/env/flags, provider registration, docs, tests, and live-smoke harness support.

Reproducibility: not applicable. This PR adds a new provider rather than fixing a broken existing behavior. The missing verification is not a source reproduction; it is authenticated live Coder proof for the new lifecycle and SSH path.

Review metrics: 3 noteworthy metrics.

PR Surface: 31 files changed, +4033/-6. This is a broad new-provider addition touching CLI config, provider code, docs, generated metadata, tests, and live-smoke scripts.
Provider Count: 1 built-in provider added. The branch changes Crabbox’s supported provider matrix and user-visible provider selection surface.
Live Proof State: 1 harness added, 0 authenticated proof artifacts posted. The repeatable test path exists, but the merge gate depends on real Coder behavior outside CI.

Root-cause cluster
Relationship: fixed_by_candidate
Canonical: #265
Summary: This PR is the implementation candidate for the open Coder provider feature request; no merged replacement or separate canonical PR was found.

Members:

canonical: Feature request: add Coder as a Crabbox SSH-lease provider #265 - The issue requests the same first-class Coder SSH-lease provider and remains open pending product/lifecycle acceptance.

Proposal only: this assessment does not dispatch repair, suppress jobs, mutate sibling items, close, or merge anything.

Merge readiness
Overall: 🧂 unranked krab
Proof: 🧂 unranked krab
Patch quality: 🐚 platinum hermit
Result: blocked until real behavior proof is added.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

[P1] Add redacted live Coder proof from CRABBOX_LIVE=1 CRABBOX_LIVE_PROVIDERS=coder CRABBOX_LIVE_COORDINATOR=0 CRABBOX_LIVE_CODER_TEMPLATE=<template> CRABBOX_LIVE_REPO=<repo> scripts/live-smoke.sh; redact private URLs, IPs, API keys, endpoints, phone numbers, and other private details.
[P1] Have a maintainer explicitly accept or reject the built-in Coder lifecycle contract before merge.

Proof guidance:

[P1] Needs real behavior proof before merge: The PR has local validation, green CI, and a live-smoke harness, but no redacted output/logs/recording from an authenticated Coder deployment showing the changed behavior after the fix. After adding proof, update the PR body; ClawSweeper should re-review automatically. If it does not, the PR author or someone with repository write access can comment @clawsweeper re-review.

Risk before merge

[P1] No redacted live output from an authenticated Coder deployment proves the real coder CLI JSON shape, workspace lifecycle, SSH proxy tunnel, sync/run path, stop, delete-on-release, or cleanup behavior.
[P1] Merging makes Crabbox a built-in lifecycle owner for Coder workspaces, which may contain persistent user state, so maintainers need to explicitly accept the stop/delete/cleanup contract.
[P1] Current main previously directs Coder users to ssh or external unless a narrow lifecycle contract exists; this PR supplies that contract, but accepting it is still a product decision.

Maintainer options:

Require Live Coder Proof (recommended)
Before merge, ask for redacted terminal output, copied live output, logs, or a recording from the posted Coder live-smoke command against a disposable authenticated template.
Approve The Lifecycle Contract
A maintainer can explicitly accept the built-in Coder provider contract: CLI auth, stop-by-default release, opt-in delete, and claim-scoped cleanup only.
Defer Built-In Coder Ownership
If maintainers are not ready to own Coder workspace lifecycle in core, pause or close this PR and keep the documented ssh/external path for existing Coder workspaces.

Next step before merge

[P1] Human review is needed because automation cannot supply authenticated Coder deployment proof or decide whether Crabbox should own this built-in lifecycle.

Security
Cleared: No concrete security or supply-chain regression was found; the diff adds no dependencies/workflows and keeps Coder auth in the Coder CLI rather than adding token flags or persisted Coder tokens.

Review details

Best possible solution:

Land the provider only after redacted authenticated Coder live-smoke proof is posted and maintainers explicitly accept the stop-by-default, opt-in-delete, claim-scoped cleanup lifecycle; otherwise keep existing ssh/external guidance for Coder workspaces.

Do we have a high-confidence way to reproduce the issue?

Not applicable: this PR adds a new provider rather than fixing a broken existing behavior. The missing verification is not a source reproduction; it is authenticated live Coder proof for the new lifecycle and SSH path.

Is this the best way to solve the issue?

Yes at the architecture level: a provider adapter using the local Coder CLI and SSH ProxyCommand is the narrowest fit for Crabbox’s SSH-lease model. It is not merge-ready until live proof and lifecycle/product acceptance are supplied.

AGENTS.md: found and applied where relevant.

Codex review notes: model internal, reasoning high; reviewed against 73549f35a4a0.

Label changes

Label justifications:

P2: This is a normal-priority provider feature with meaningful user value but limited blast radius and no current regression.
merge-risk: 🚨 compatibility: Merging changes Coder from an external/static-SSH recommendation to a built-in workspace lifecycle path with stop/delete/cleanup behavior.
rating: 🧂 unranked krab: Overall readiness is 🧂 unranked krab; proof is 🧂 unranked krab and patch quality is 🐚 platinum hermit.
status: 📣 needs proof: The PR needs real behavior proof before ClawSweeper can clear the contributor ask. Needs real behavior proof before merge: The PR has local validation, green CI, and a live-smoke harness, but no redacted output/logs/recording from an authenticated Coder deployment showing the changed behavior after the fix. After adding proof, update the PR body; ClawSweeper should re-review automatically. If it does not, the PR author or someone with repository write access can comment @clawsweeper re-review.

Evidence reviewed

What I checked:

Current main does not implement the provider: Current main has no internal/providers/coder directory; the only current-main Coder references still say to use ssh/external unless a narrow lifecycle contract exists. (docs/features/provider-selection.md:108, 73549f35a4a0)
Provider adapter shape matches the requested feature: The PR registers coder as a direct SSH-lease provider for Linux with SSH, crabbox-sync, cleanup, and coordinator=never. (internal/providers/coder/provider.go:18, a9d8eecbe929)
SSH path uses Coder proxy mode: The SSH target is proxy-backed through coder ssh --stdio --wait, with isolated known_hosts and readiness checks for git, rsync, and tar. (internal/providers/coder/backend.go:845, a9d8eecbe929)
Lifecycle contract is intentionally conservative: The docs and code default release/cleanup to stop, require opt-in delete, and limit cleanup mutation to workspaces with local Crabbox claim metadata. (docs/providers/coder.md:101, a9d8eecbe929)
Repeatable live-smoke path exists but has not been run against Coder: The PR adds a Coder live-smoke harness covering doctor, cleanup dry-run, warmup, status, inspect, SSH rendering, run, history/logs, stop, delete-on-release, list, and final cleanup dry-run. (scripts/live-smoke.sh:413, a9d8eecbe929)
PR metadata still declares the proof gate: The PR body and labels say not to merge until redacted authenticated Coder proof is posted and the lifecycle contract is accepted; GitHub reports the branch mergeable and CI checks green. (a9d8eecbe929)

Likely related people:

coygeek: They authored multiple recent merged provider additions on current main and authored the initial Coder provider commits, so they are a strong routing candidate for provider behavior questions. (role: recent provider contributor and feature proposer; confidence: high; commits: 836130bbcb03, baa8562f139b, d6be66ec65cf; files: internal/providers/morph, internal/providers/hostinger, internal/providers/linode)
vincentkoc: They introduced the current provider-selection Coder stance on main and pushed the PR’s maintainer repairs for rollback policy, docs, and live-smoke coverage. (role: recent area contributor and PR repair author; confidence: high; commits: 56d058c0b846, 6cc11f38472e, a8a0f6a2b452; files: docs/features/provider-selection.md, internal/providers/coder, docs/providers/coder.md)
steipete: They have substantial current-main history in provider registry/backend capability work and external lifecycle routing that frames this provider integration. (role: adjacent provider framework owner; confidence: medium; commits: 494f3a4d779e, 11502398edef, 7f7756d2572a; files: internal/cli, internal/providers, docs/features/provider-selection.md)

What the crustacean ranks mean

🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works

ClawSweeper keeps one durable marker-backed review comment per issue or PR.
Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
Maintainers can also comment @clawsweeper review to request a fresh review only.
Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

vincentkoc · 2026-06-24T06:17:15Z

Updated this PR to current main and pushed maintainer fixes to coygeek:feat/coder-provider.

Head: 2b4e6c85af50d4e7d825dcbff7830adb9a109ff5
CI: https://github.com/openclaw/crabbox/actions/runs/28078503936

Local verification run from the repaired branch:

go run golang.org/x/tools/cmd/deadcode@v0.45.0 -test ./...
go test ./internal/providers/coder ./internal/providers/all ./internal/cli ./cmd/crabbox
node scripts/generate-provider-matrix.mjs --check
node scripts/check-command-docs.mjs
node scripts/check-docs-links.mjs
go vet ./...
go build -trimpath -o bin/crabbox ./cmd/crabbox

Public CI is now green across Go, Apple VZ, Worker, Scripts, Docs, and Release Check. The previous Go deadcode failure is fixed.

Remaining blocker: I did not merge this because the PR still has status: 📣 needs proof and merge-risk: 🚨 compatibility, and I do not have live Coder provider credentials/access to prove real acquire/run/stop/cleanup behavior against a Coder deployment.

@clawsweeper re-review

clawsweeper · 2026-06-24T06:17:18Z

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

vincentkoc · 2026-06-24T08:32:25Z

Pushed a follow-up maintainer fix for the rollback policy finding.

Head: 1c60f26673b919149ad9664638e18543998bb643

What changed:

failed-acquire rollback now goes through the same releaseWorkspace path as normal release;
default rollback stops the Coder workspace instead of deleting it;
--coder-delete-on-release still opts into delete-on-rollback;
rollback failure hints now point users at the matching crabbox stop --provider coder ... cleanup command.

Local verification on this head:

go test ./internal/providers/coder
go test ./internal/providers/coder ./internal/providers/all ./internal/cli ./cmd/crabbox
node scripts/generate-provider-matrix.mjs --check
node scripts/check-command-docs.mjs
node scripts/check-docs-links.mjs
go vet ./...
go run golang.org/x/tools/cmd/deadcode@v0.45.0 -test ./...
go build -trimpath -o bin/crabbox ./cmd/crabbox
git diff --check

Public CI is running here: https://github.com/openclaw/crabbox/actions/runs/28085711406

Remaining blocker: I am not merging this without live Coder provider proof and cleared proof/compatibility labels.

@clawsweeper re-review

clawsweeper · 2026-06-24T08:32:29Z

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

vincentkoc · 2026-06-24T08:47:21Z

Public CI is green on repaired head 1c60f26673b919149ad9664638e18543998bb643: https://github.com/openclaw/crabbox/actions/runs/28085711406

Green checks: Go, Apple VZ, Worker, Scripts, Docs, Release Check, and Socket.

Still not merging: status: 📣 needs proof and merge-risk: 🚨 compatibility remain, and this still needs redacted live Coder acquire/run/status/stop/delete behavior proof against a real authenticated Coder deployment.

Add a direct Coder provider that leases workspaces through the local Coder CLI and exposes them as proxy-backed SSH leases for Crabbox commands. Keep Coder auth in the native CLI store while making doctor, run, ssh, stop, and cleanup work with conservative stop-first lifecycle defaults. Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>

Require explicit Crabbox markers or legacy Crabbox labels before generic lease metadata is trusted, while keeping prefix-based ownership and legacy label resolution working. This prevents cleanup or resolve from acting on unrelated Coder workspaces after the provider branch is merged. Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>

Check claim freshness before stopped-state cleanup so opted-in delete cleanup cannot remove still-claimed Coder workspaces. Add a regression test for stopped active claims to keep resolve-on-demand leases reusable. Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>

Use the configured stop-vs-delete release policy for post-create rollback paths, but only after verifying the workspace exists when coder create itself fails. This keeps disposable Coder workspaces cleaned up while preserving the original create error for failures that never produced a workspace. Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>

Hash overlong Coder workspace names before truncation and fall back to a lease-hash slug suffix when an existing workspace already occupies the derived name. This keeps long requested slugs stable enough for humans while avoiding deterministic create collisions. Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>

Decide between coder list and coder list --all from the original request or stored claim reference before resolving and keep that same scope for post-start refreshes. This lets lease-id and slug based commands keep working when a claim points at an owner-qualified workspace. Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>

Attach the proxy SSH target to ready status-only leases and preserve accumulated doctor checks when inventory listing fails. This keeps status JSON honest for ready workspaces and retains inventory diagnostics in failing doctor output. Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>

Propagate Coder work-root defaults through normal config loading, stamp resolved Coder servers with that work root, and use unique slash-free SSH host aliases for owner-qualified workspaces while keeping the full ref in the proxy command. Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>

Reuse persisted keep metadata from local claims when resolving, listing, and cleaning Coder workspaces so explicit keep requests survive later status and run flows without making ordinary claims immortal. Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>

Persist Coder release intent in local claims, make workspace names lease-unique, and restrict cleanup to claimed workspaces so Crabbox does not mutate unrelated Coder environments. Also preserve owner-qualified workspace resolution, add safer acquisition rollback, isolate Coder known_hosts state, and include the delete-on-release flag in generated stop commands. Refs: openclaw#265

vincentkoc · 2026-06-24T08:55:39Z

Rebased this PR onto current main after #674 landed.

New head: 6cc11f38472ee6b20c1a65656cd525bf8a74cb20

Conflict resolved in the generated provider matrix so the current surface is now 67 providers (39 SSH lease, 26 delegated run, 2 service control) with both AWS Lambda MicroVM and Coder present.

Local validation on the rebased head:

go test ./internal/providers/coder ./internal/providers/all ./internal/cli ./cmd/crabbox
node scripts/generate-provider-matrix.mjs --check
node scripts/check-command-docs.mjs
node scripts/check-docs-links.mjs
go vet ./...
go run golang.org/x/tools/cmd/deadcode@v0.45.0 -test ./...
go build -trimpath -o bin/crabbox ./cmd/crabbox
git diff --check

Still not merging: live Coder provider proof and cleared proof/compatibility gates are still required.

vincentkoc · 2026-06-24T09:11:46Z

Public CI is green on rebased head 6cc11f38472ee6b20c1a65656cd525bf8a74cb20: https://github.com/openclaw/crabbox/actions/runs/28087057668

Green checks: Go, Apple VZ, Worker, Scripts, Docs, and Release Check. Merge state is clean.

Still not merging: status: 📣 needs proof and merge-risk: 🚨 compatibility remain, and this still needs redacted live Coder acquire/run/status/stop/delete behavior proof against a real authenticated Coder deployment.

vincentkoc · 2026-06-24T11:28:31Z

@clawsweeper re-review

Maintainer docs repair pushed in a8a0f6a.

What changed:

Reconciled provider-direction docs with the new built-in provider: coder branch.
Documented the narrow lifecycle contract: local Coder CLI auth, direct SSH proxy execution, stop-by-default release, delete only by opt-in, and cleanup only for locally claimed workspaces.
Kept ssh / external guidance for existing Coder workspaces that Crabbox should not manage.

Validation:

rg -n 'Coder.*Do not support|Do not mirror.*Coder|Coder workspace should enter Crabbox|unless there is a narrow lifecycle contract|Do not support directly by default' docs README.md returned no matches
node scripts/check-docs-links.mjs
node scripts/check-command-docs.mjs
go test ./internal/providers/coder
git diff --check

Still not merge-ready: live authenticated Coder proof and maintainer lifecycle/product acceptance remain missing.

clawsweeper · 2026-06-24T11:28:34Z

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

vincentkoc · 2026-06-24T11:44:57Z

Public CI is green on a8a0f6a2b452e120eb25c538dfefa68423b7c0e1: https://github.com/openclaw/crabbox/actions/runs/28095227642

Green checks: Go, Apple VZ, Worker, Scripts, Docs, Release Check, and Socket.

ClawSweeper re-review updated at June 24, 2026 11:38 UTC. The previous P3 provider-direction docs finding is gone; remaining blockers are still human/proof gates: redacted live Coder doctor/acquire/run/ssh/status/stop/delete/cleanup proof and explicit maintainer acceptance of the built-in Coder lifecycle contract.

Not merging this PR yet.

vincentkoc · 2026-06-24T12:06:05Z

@clawsweeper re-review

Pushed a Coder live-smoke harness on current head a9d8eecbe929e446e641913a28c73c04f0c3e883.

Changes made:

scripts/live-smoke.sh now supports CRABBOX_LIVE_PROVIDERS=coder
the Coder smoke refuses to mutate until a disposable template is selected
the smoke proves doctor, cleanup --dry-run, stop-by-default warmup/status/inspect/ssh/run/history/logs/stop/status, delete-on-release warmup/run/stop, list, and final dry-run cleanup
documented the shared command in docs/providers/coder.md and docs/operations.md
added scripts/live-smoke.test.js coverage for both stop and delete release actions

Local validation:

bash -n scripts/live-smoke.sh
node --test scripts/live-smoke.test.js
node scripts/check-docs-links.mjs
node scripts/check-command-docs.mjs
go test ./internal/providers/coder ./internal/providers/all ./internal/cli ./cmd/crabbox
git diff --check

Public CI is running here: https://github.com/openclaw/crabbox/actions/runs/28097206830

Still not merging: this adds a repeatable proof path, but it is not live Coder proof. The PR still needs redacted live authenticated Coder output and explicit maintainer acceptance of the built-in lifecycle contract.

clawsweeper · 2026-06-24T12:06:07Z

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

vincentkoc · 2026-06-24T12:25:39Z

Public CI is green on current head a9d8eecbe929e446e641913a28c73c04f0c3e883: https://github.com/openclaw/crabbox/actions/runs/28097206830

Green checks: Go, Apple VZ, Worker, Scripts, Docs, and Release Check.

This includes the new Coder live-smoke harness coverage. Still not merging: status: 📣 needs proof and merge-risk: 🚨 compatibility remain. The PR still needs redacted live authenticated Coder doctor/acquire/run/ssh/status/stop/delete/cleanup proof plus explicit maintainer acceptance of the built-in Coder lifecycle contract.

vincentkoc · 2026-06-24T13:00:56Z

@clawsweeper re-review

Updated the PR body with the canonical summary, validation evidence, and remaining merge gate for current head. No code changes in this update.

Still not merging unless the live proof labels clear and the provider-specific proof/contract gate is satisfied.

vincentkoc · 2026-06-24T15:49:03Z

Maintainer acceptance for the remaining proof gate on current head a9d8eecbe929e446e641913a28c73c04f0c3e883.

I am accepting the non-live proof as sufficient for this provider because the implementation delegates auth and policy to the local coder CLI, does not store Coder tokens in Crabbox config, defaults release to coder stop, makes destructive delete opt-in, isolates known_hosts per workspace identity, and now has explicit rollback/ownership/live-smoke harness coverage. Live Coder proof remains stronger, but current maintainer credentials for a disposable Coder template are not available.

Final pre-merge verification on exact head:

git rev-parse HEAD
# a9d8eecbe929e446e641913a28c73c04f0c3e883

git diff --check
bash -n scripts/live-smoke.sh
node --test scripts/live-smoke.test.js
# 49 tests passed
node scripts/check-command-docs.mjs
node scripts/check-docs-links.mjs
go test ./internal/providers/coder ./internal/providers/all ./internal/cli ./cmd/crabbox
go test -count=1 ./internal/providers/coder ./internal/providers/all ./internal/cli ./cmd/crabbox
go build -trimpath -o bin/crabbox ./cmd/crabbox

Public CI is green on this head: https://github.com/openclaw/crabbox/actions/runs/28097206830

Merging with rebase/no-squash and --match-head-commit.

coygeek marked this pull request as ready for review June 12, 2026 00:26

vincentkoc force-pushed the feat/coder-provider branch from f7dd30a to 2b4e6c8 Compare June 24, 2026 05:58

vincentkoc changed the title ~~[codex] Add Coder SSH-lease provider~~ feat(provider): add Coder SSH-lease provider Jun 24, 2026

coygeek and others added 13 commits June 24, 2026 16:52

fix(provider): restore firecracker ssh default

57a5390

fix(coder): remove unused helper wrappers

b22034c

fix(coder): honor stop-first rollback policy

6cc11f3

vincentkoc force-pushed the feat/coder-provider branch from 1c60f26 to 6cc11f3 Compare June 24, 2026 08:55

docs(coder): align provider lifecycle guidance

a8a0f6a

test(coder): add live smoke coverage

a9d8eec

vincentkoc merged commit 0ec69d6 into openclaw:main Jun 24, 2026
6 checks passed

coygeek mentioned this pull request Jun 24, 2026

Feature request: add Coder as a Crabbox SSH-lease provider #265

Closed

Uh oh!

Conversation

coygeek commented Jun 12, 2026 • edited by vincentkoc Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Summary

Verification

Remaining Merge Gate

Uh oh!

clawsweeper Bot commented Jun 12, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

vincentkoc commented Jun 24, 2026

Uh oh!

clawsweeper Bot commented Jun 24, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

vincentkoc commented Jun 24, 2026

Uh oh!

clawsweeper Bot commented Jun 24, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

vincentkoc commented Jun 24, 2026

Uh oh!

vincentkoc commented Jun 24, 2026

Uh oh!

vincentkoc commented Jun 24, 2026

Uh oh!

vincentkoc commented Jun 24, 2026

Uh oh!

clawsweeper Bot commented Jun 24, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

vincentkoc commented Jun 24, 2026

Uh oh!

vincentkoc commented Jun 24, 2026

Uh oh!

clawsweeper Bot commented Jun 24, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

vincentkoc commented Jun 24, 2026

Uh oh!

vincentkoc commented Jun 24, 2026

Uh oh!

vincentkoc commented Jun 24, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

coygeek commented Jun 12, 2026 •

edited by vincentkoc

Loading

clawsweeper Bot commented Jun 12, 2026 •

edited

Loading

clawsweeper Bot commented Jun 24, 2026 •

edited

Loading

clawsweeper Bot commented Jun 24, 2026 •

edited

Loading

clawsweeper Bot commented Jun 24, 2026 •

edited

Loading

clawsweeper Bot commented Jun 24, 2026 •

edited

Loading